专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2010142354A1 PACKET ROUTING IN A NETWORK 审中-公开
标题翻译：分组路由在网络中
公开(公告)号：WO2010142354A1
公开(公告)日：2010-12-16
申请号：PCT/EP2009/062785
申请日：2009-10-01
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , ESTEVE ROTHENBERG, Christian , JOKELA, Petri , NIKANDER, Pekka , SÄRELÄ, Mikko , YLITALO, Jukka
发明人： ESTEVE ROTHENBERG, Christian , JOKELA, Petri , NIKANDER, Pekka , SÄRELÄ, Mikko , YLITALO, Jukka
IPC分类号： H04L12/56 , H04L29/06
CPC分类号： H04L45/00 , H04L45/302 , H04L45/306 , H04L45/34 , H04L45/38
摘要： Packet routing information is encoded into a non-static compact representation of set membership, the compact representation of set membership being for inclusion into a header of a packet. The compact representation of set membership is computed using input parameters that include at least one packet-specific, flow-specific or processing-context-specific parameter. By making the compact representation of set membership packet-dependent, flow-dependent or processing-context-dependent it becomes harder for, for example, a potential attacker to obtain information needed to mount a DDoS attack. In a variant of the invention, the packet routing information is represented as a plurality of non-static identifiers for inclusion into a header of a packet.
摘要翻译：分组路由信息被编码成集合成员的非静态紧凑表示，集合隶属的紧凑表示被包含在分组的报头中。使用包括至少一个特定于分组，特定于流程或处理上下文的参数的输入参数计算集成员资格的紧凑表示。通过使集合成员关系数据包依赖，流依赖或处理上下文相关的紧凑表示，例如潜在攻击者获取安装DDoS攻击所需的信息变得更加困难。在本发明的变型中，分组路由信息被表示为用于包含在分组的报头中的多个非静态标识符。

2. 发明申请

WO2009109221A1 IP ADDRESS DELEGATION 审中-公开
标题翻译： IP地址代理
公开(公告)号：WO2009109221A1
公开(公告)日：2009-09-11
申请号：PCT/EP2008/052634
申请日：2008-03-04
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , CAMARILLO, Gonzalo , NIKANDER, Pekka
发明人： CAMARILLO, Gonzalo , NIKANDER, Pekka
IPC分类号： H04L29/06 , H04L29/12
CPC分类号： H04L63/0823 , G06F21/33 , H04L9/3263 , H04L29/1232 , H04L29/12801 , H04L29/12915 , H04L61/2092 , H04L61/6004 , H04L61/6059
摘要： A method of verifying a request made in respect of an IPv6 address comprising a network routing prefix and a cryptographically generated Interface Identifier. The request includes a delegation certificate containing at least a public key of said host, one or more further parameters or a formula or formulae for generating one or more further parameters, a specification of a range or set of IPv6 network routing prefixes, an identity of a delegated host, and a digital signature taken over at least said identity and said specification of a range or set of IPv6 network routing prefixes using a private key associated with said public key. The method comprises verifying that said network routing prefix of said IPv6 address is contained within said specification, verifying that said public key and said further parameter(s) can be used to generate said cryptographically generated Interface Identifier, and verifying said signature using said public key.
摘要翻译：一种验证关于包括网络路由前缀和密码生成的接口标识符的IPv6地址的请求的方法。该请求包括至少包含所述主机的公开密钥的委托证书，一个或多个其他参数或用于生成一个或多个其他参数的公式或公式，IPv6网络路由前缀的范围或集合的规范，授权主机以及使用与所述公共密钥相关联的私钥的至少所述身份和所述IPv6网络路由前缀的范围或集合的规范的数字签名。该方法包括验证所述IPv6地址的所述网络路由前缀是否包含在所述规范内，验证所述公开密钥和所述另外的参数可以用于生成所述加密生成的接口标识符，并且使用所述公共密钥验证所述签名。

3. 发明申请

WO2007121787A1 IP MOBILITY WITHIN A COMMUNICATION SYSTEM 审中-公开
标题翻译：通信系统中的IP移动性
公开(公告)号：WO2007121787A1
公开(公告)日：2007-11-01
申请号：PCT/EP2006/061819
申请日：2006-04-25
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , NIKANDER, Pekka , LEVKOWETS, Henrik
发明人： NIKANDER, Pekka , LEVKOWETS, Henrik
IPC分类号： H04L29/06 , H04L29/12
CPC分类号： H04L61/2532 , H04L29/12415 , H04W8/082 , H04W8/26 , H04W40/24 , H04W80/04 , H04W88/16
摘要： A method of routing IP traffic to and from a mobile terminal able to connect to the Internet via two or more gateway nodes. The method comprises implementing a multi- addressing multi-homing protocol at each gateway node on behalf of the mobile terminal, and sharing protocol state information between gateway nodes to allow gateway nodes to update state information at the corresponding node when the mobile terminal changes gateway node.
摘要翻译：将IP流量路由到能够通过两个或多个网关节点连接到因特网的移动终端的方法。该方法包括代表移动终端在每个网关节点处实现多寻址多归属协议，并且在网关节点之间共享协议状态信息，以便当移动终端改变网关节点时允许网关节点更新相应节点处的状态信息。

4. 发明申请

WO2006133740A1 HOST IDENTITY PROTOCOL METHOD AND APPARATUS 审中-公开
标题翻译：主机标识协议方法和设备
公开(公告)号：WO2006133740A1
公开(公告)日：2006-12-21
申请号：PCT/EP2005/052839
申请日：2005-06-17
申请人： OY LM ERICSSON AB , NIKANDER, Pekka
发明人： NIKANDER, Pekka
IPC分类号： H04L29/06
CPC分类号： H04L63/0442 , H04L63/08 , H04L63/12
摘要： A modified Host Identity Protocol, HIP, base exchange method is provided for use by first and second HIP hosts (Initiator and Responder) having a shared state from a pre- existing relationship. In the modified HIP base exchange method, an authentication message (I2') is sent (S2) from the first host (Initiator) to the second host (Responder) comprising an identifier (HITI) of the first host (Initiator) and a cryptographic item (PF). The authentication message (I2') is received (S3) at the second host (Responder). Following receipt, the identifier and information relating to the shared state are used (S4) to authenticate the cryptographic item (PF). If the cryptographic item, and the rest of the authentication message, is authenticated, a confirmation message (R2') is sent from the second host (Responder) to the first host (Initiator) to indicate successful authentication. These two messages (I2' and R2') are equivalent to the I2 and R2 messages of the standard HIP base exchange protocol, and the requirement for the I1 and R1 messages from the standard HIP base exchange protocol is eliminated.
摘要翻译：提供修改的主机身份协议HIP基本交换方法，用于具有来自预先存在的关系的共享状态的第一和第二HIP主机（发起者和响应者）使用。在经修改的HIP基本交换方法中，从第一主机（发起方）向第二主机（响应者）发送认证消息（I2'）（S2），包括第一主机（发起方）的标识符（HITI）项目（PF）。在第二主机（响应者）处接收认证消息（I2'）（S3）。在接收之后，使用与共享状态相关的标识符和信息（S4）来验证密码项（PF）。如果加密项目和认证消息的其余部分被认证，则从第二主机（响应器）向第一主机（发起方）发送确认消息（R2'）以指示成功认证。这两个消息（I2'和R2'）等同于标准HIP基本交换协议的I2和R2消息，并且消除了来自标准HIP基本交换协议的对于I1和R1消息的要求。

5. 发明申请

WO2006084895A3 METHOD AND APPARATUS FOR ENSURING PRIVACY IN COMMUNICATIONS BETWEEN PARTIES USING PAIRING FUNCTIONS 审中-公开
公开(公告)号：WO2006084895A3
公开(公告)日：2006-08-17
申请号：PCT/EP2006/050840
申请日：2006-02-10
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , NIKANDER, Pekka , ARKKO, Jari , NÄSLUND, Mats
发明人： NIKANDER, Pekka , ARKKO, Jari , NÄSLUND, Mats
IPC分类号： H04L9/30 , H04Q7/32 , H04Q7/38
摘要： A method of improving privacy by hiding, in an ordered sequence of messages M[x(1), D(1)], M[x(2), D(2)], etc, communicated between a first and at least one second party sharing a key k, metadata x(i) descriptive of message processing, wherein D(i) denotes payload data. The method comprises the first and the second party agreeing on a pseudo random mapping depending on a shared key k, F k , mapping at least x(i) to y(i), and the first party modifying the messages by replacing x(i) by y(i) in each message M(x(i), D(i)). The first party then transmits the modified messages maintaining their original order, and on reception of a message M(y(m), D), the second party uses a mapping G k to retrieve position m of received value and the original value x(m).

6. 发明申请

WO1998026381A1 METHOD AND SYSTEM FOR PERFORMING ELECTRONIC MONEY TRANSACTIONS 审中-公开
标题翻译：执行电子货币交易的方法和系统
公开(公告)号：WO1998026381A1
公开(公告)日：1998-06-18
申请号：PCT/FI1997000780
申请日：1997-12-12
申请人： NIXU OY , NIKANDER, Pekka
发明人： NIXU OY
IPC分类号： G07F07/10
CPC分类号： H04L63/0281 , G06Q20/02 , G06Q20/04 , G06Q20/065 , G06Q20/0855 , G06Q20/10 , G06Q20/102 , G06Q20/12 , G06Q20/16 , G06Q20/24 , G06Q20/32 , G06Q20/363 , G06Q20/381 , G07F7/0866 , H04L67/28 , H04L67/2823 , H04L67/327 , H04L2463/102 , H04M15/68 , H04M2215/0196
摘要： The present invention relates to electronic monetary systems in general, and in particular to measures for making their use easier for an average user. The present invention is based on the idea that the use of electronic money is greatly simplified for a non-expert user, if the Internet Service Provider of the user takes care of the payments, and adds corresponding charges on the user's telephone bill. Such functionality requires the intervention of the ISP in the transmissions between a user and a third party, i.e. intercepting the electronic payment requests sent by a merchant. According to the present invention, the ISP uses electronic money on behalf of the user, and charges the payments on the user's telephone bill. The ISP can take care of all technical details necessary for obtaining different forms of electronic money in a centralized manner, and all users of the ISP can use the electronic money obtained by the ISP simply by allowing the ISP to add corresponding charges to their telephone bills. Further, the ISP can obtain all major forms of electronic money, whereafter a user can choose the most economical way of payment, if a merchant accepts payments in more than one form of electronic money.
摘要翻译：本发明一般涉及电子货币系统，特别涉及一般使用者使其更容易使用的措施。本发明基于以下思想：如果用户的因特网服务提供商负责支付，并且在用户的电话账单上增加相应的费用，则非专业用户大大简化了电子货币的使用。这样的功能需要ISP在用户和第三方之间的传输中的干预，即拦截商家发送的电子支付请求。根据本发明，ISP代表用户使用电子货币，并对用户电话账单支付费用。互联网服务提供商可以全面掌握以集中的方式获取不同形式的电子货币所需的所有技术细节，ISP的所有用户都可以使用ISP获取的电子货币，只需通过允许ISP将相应的费用加入电话账单。此外，ISP可以获得所有主要形式的电子货币，之后如果商家以多种形式的电子货币接受付款，则用户可以选择最经济的付款方式。

7. 发明申请

WO2011128183A2 METHOD AND APPARATUS FOR INTERWORKING WITH SINGLE SIGN-ON AUTHENTICATION ARCHITECTURE 审中-公开
标题翻译：用于与单一标识认证架构交互的方法和装置
公开(公告)号：WO2011128183A2
公开(公告)日：2011-10-20
申请号：PCT/EP2011/054303
申请日：2011-03-22
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , NIKANDER, Pekka , EKDAHL, Patrik , LEHTOVIRTA, Vesa , NORRMAN, Karl , WIFVESSON, Monica
发明人： NIKANDER, Pekka , EKDAHL, Patrik , LEHTOVIRTA, Vesa , NORRMAN, Karl , WIFVESSON, Monica
IPC分类号： H04L29/06
CPC分类号： H04L63/0815 , H04L63/0853 , H04L63/18 , H04W12/06
摘要： A method is provided for use in interworking a single sign-on authentication architecture and a further authentication architecture in a split terminal scenario. The split terminal scenario is one in which authentication under the single sign-on authentication architecture is required of a browsing agent (8) being used to access a relying party and in response, due to the interworking in the split terminal scenario, an associated authentication under the further authentication architecture is performed in relation to a separate authentication agent (7). A controlling agent (4) sends (C3) a token to the authentication agent (7). The controlling agent (4) sends (C4) a request to the browsing agent (8) to return a token for comparing with the token sent to the authentication agent (7). The controlling agent (4) waits (C6) for the authentication agent (7) or a user of the authentication agent (7) to communicate (A2) the received token to the browsing agent (8) via a secure and/or trusted channel and for the browsing agent (8), in response to the earlier received request, to forward (B4) the token to the controlling agent (4). The controlling agent (4) receives (C7) the token from the browsing agent (8). The controlling agent (4) compares (C10) the received token with the token sent to the authentication agent (7) to determine whether the authentication agent (7) is authorised to perform authentication on behalf of the browsing agent (8) and/or whether the browsing agent (8) is authorised to act as a representative for the authentication agent (7). The controlling agent (4) authenticates (C11) the browsing agent (8) to the relying party based on the associated authentication performed in relation to the authentication agent (7) if it is determined in the comparing step (C10) that the authentication agent (7) and/or browsing agent (8) is so authorised.
摘要翻译：提供了一种用于在分离终端场景中互通单一登录认证架构和另外的认证架构的方法。分裂终端场景是其中需要用于访问依赖方的浏览代理（8）的单点登录认证体系结构下的认证，并且由于分裂终端场景中的互通，相关联的认证在另外的认证体系结构下相对于单独的认证代理（7）执行。控制代理（4）向认证代理（7）发送（C3）令牌。控制代理（4）向浏览代理（8）发送（C4）请求以返回与发送给认证代理（7）的令牌进行比较的令牌。控制代理（4）等待认证代理（7）的认证代理（7）或认证代理（7）的用户通过安全和/或受信任的信道将接收的令牌（A2）通信（A2）到浏览代理（8）并且对于浏览代理（8），响应于较早接收到的请求，将令牌转发（B4）到控制代理（4）。控制代理（4）从浏览代理（8）接收（C7）令牌。控制代理（4）将接收的令牌（C10）与发送给认证代理（7）的令牌进行比较（C10），以确定认证代理（7）是否被授权代表浏览代理（8）执行认证和/或浏览代理（8）是否被授权充当认证代理（7）的代表。如果在比较步骤（C10）中确定认证代理（7）确定了相对于认证代理（7）执行的关联认证，则控制代理（4）将浏览代理（8）认证给依赖方（C11）（7）和/或浏览代理（8）被授权。

8. 发明申请

WO2008098611A1 SIGNALLING DELEGATION IN A MOVING NETWORK 审中-公开
标题翻译：移动网络中的信号识别
公开(公告)号：WO2008098611A1
公开(公告)日：2008-08-21
申请号：PCT/EP2007/051346
申请日：2007-02-12
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , MELÉN, Jan , YLITALO, Jukka , NIKANDER, Pekka , JOKELA, Petri
发明人： MELÉN, Jan , YLITALO, Jukka , NIKANDER, Pekka , JOKELA, Petri
IPC分类号： H04L29/06 , H04L12/22
CPC分类号： H04L63/06 , H04L9/3213 , H04L63/0823 , H04W12/04 , H04W12/06 , H04W36/0038 , H04W80/00 , H04W80/04 , H04W84/005 , H04W84/047
摘要： I order to delegate location update signalling responsibility from a Mobile Node to a Mobile Router, the Mobile Router is provided with a second symmetric key generated by a Mobile Node using a first symmetric key shared between the Mobile Node and a Peer Node. The Mobile Router is additionally provided with a "certificate" authenticating the second symmetric key using the first symmetric key. In this way, the mobile router can sign location update related messages sent to the Peer Node with the second symmetric key, and can provide the Peer Node with the certificate in order to allow the Peer Node to authenticate the right of the Mobile Router to act on behalf of the Mobile Node.
摘要翻译：我命令将位置更新信令责任从移动节点委托给移动路由器，移动路由器被提供有由移动节点使用在移动节点和对等节点之间共享的第一对称密钥生成的第二对称密钥。移动路由器另外设置有使用第一对称密钥来认证第二对称密钥的“证书”。以这种方式，移动路由器可以使用第二对称密钥来签署发送到对等节点的位置更新相关消息，并且可以向对等节点提供证书，以便允许对等节点认证移动路由器的权利代表移动节点。

9. 发明申请

WO2006084895A2 METHOD AND APPARATUS FOR ENSURING PRIVACY IN COMMUNICATIONS BETWEEN PARTIES 审中-公开
标题翻译：在缔约方之间通信中保护隐私的方法和装置
公开(公告)号：WO2006084895A2
公开(公告)日：2006-08-17
申请号：PCT/EP2006050840
申请日：2006-02-10
申请人： ERICSSON TELEFON AB L M , NIKANDER PEKKA , ARKKO JARI , NAESLUND MATS
发明人： NIKANDER PEKKA , ARKKO JARI , NAESLUND MATS
IPC分类号： H04L9/30 , H04L9/08 , H04L12/56 , H04L29/06 , H04W12/04
CPC分类号： H04L63/0414 , H04L9/0844 , H04L63/0272 , H04L63/164 , H04L2209/38 , H04L2209/80 , H04W12/02 , H04W12/04
摘要： A method of improving privacy by hiding, in an ordered sequence of messages M[x(1), D(1)], M[x(2), D(2)], etc, communicated between a first and at least one second party sharing a key k, metadata x(i) descriptive of message processing, wherein D(i) denotes payload data. The method comprises the first and the second party agreeing on a pseudo random mapping depending on a shared key k, F k , mapping at least x(i) to y(i), and the first party modifying the messages by replacing x(i) by y(i) in each message M(x(i), D(i)). The first party then transmits the modified messages maintaining their original order, and on reception of a message M(y(m), D), the second party uses a mapping G k to retrieve position m of received value and the original value x(m).
摘要翻译：一种通过以有序的消息M [x（1），D（1）]，M [x（2），D（2）]等的顺序隐藏来提高隐私的方法，在第一和至少一个共享密钥k的第二方，元数据x（i）描述消息处理，其中D（i）表示有效载荷数据。该方法包括第一方和第二方根据共享密钥k至少映射至少x（i）至y（i）的伪随机映射，并且第一方修改通过在每个消息M（x（i），D（i））中将x（i）替换y（i）的消息。第一方然后发送修改的消息维持其原始顺序，并且在接收消息M（y（m），D）时，第二方使用映射G 来检索所接收的位置m 值和原始值x（m）。

10. 发明申请

WO2006018045A1 FAST NETWORK ATTACHMENT 审中-公开
标题翻译：快速网络连接
公开(公告)号：WO2006018045A1
公开(公告)日：2006-02-23
申请号：PCT/EP2004/051871
申请日：2004-08-20
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , ARKKO, Jari , NIKANDER, Pekka
发明人： ARKKO, Jari , NIKANDER, Pekka
IPC分类号： H04L12/28
CPC分类号： H04W60/00 , H04L63/0823 , H04L63/126 , H04W8/087 , H04W12/06 , H04W40/02 , H04W74/00 , H04W80/00 , H04W80/04
摘要： A method of facilitating Internet Protocol access by a mobile node to an access Network, the method comprising: sending an attachment request from the mobile node to an access router of the access network, the request containing a mobile node identifier and an Interface Identifier or means for deriving an Interface Identifier, and being signed by the mobile node to allow the message to be authenticated as originating at that mobile node; receiving the request at the access router and authenticating the message there using the signature, and in response to the receipt and authentication of the message, performing a predefined set of tasks delegated to the access node and which are required to facilitate said access; and returning an acknowledgment from the access router to the mobile node confirming the access permission, the acknowledgement containing a network routing prefix and means for authenticating the access router to the mobile node.
摘要翻译：一种促进移动节点对接入网络的因特网协议访问的方法，所述方法包括：从所述移动节点向所述接入网络的接入路由器发送附着请求，所述请求包含移动节点标识符和接口标识符或装置用于导出接口标识符，并且被移动节点签名以允许将该消息认证为源于该移动节点; 在所述接入路由器处接收所述请求并使用所述签名在其上验证所述消息，并且响应于所述消息的接收和认证，执行委托给所述接入节点的预定义的任务集合，并且为便于所述接入而需要该任务; 以及从所述接入路由器返回确认所述访问许可的所述确认，所述确认包含网络路由前缀以及用于认证到所述移动节点的所述接入路由器的装置。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式